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Amendments to the Claims 



1 1. (Currently Amended) A system A methodology framework for analyzing a 

2 solution an information technology system including a plurality of components 

3 and for designing security into that solution system , the system framework 

4 comprising: a first system which identifies the security threats for the solution; 

5 a second system having a security reference model which determines the 

6 security properties and functions of the overall solution that uses, as a baseline, a 

7 security model comprising a plurality of interrelated and interdependent security 

8 subsystems, the security subsystems further comprising an audit subsystem, an 

9 integrity subsystem, and an information flow control subsystem , the second system to 

10 determine security properties and functions of the information technology system in 

11 terms of the security subsystems ; 

12 a third system which is coupled to the second system and which allocates 

13 security properties to the components of the solution information technology system 

14 based upon the selected functions which are derived from the nature and number of the 

15 security subsystems within the solution information technology system ; 

16 a fourth system which is coupled to the third system for allocating the security 

17 properties to the components of the solution information technology system and which 

18 identifies functional requirements for the components, in terms of the Common 

19 Criteria, in order to comply with the security properties of the component allocated by 

20 the third system; and 

21 a fifth system which is coupled to the fourth system and which documents the 

22 requirements for the security components for the information technology system . 
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1 2. (Currently Amended) A system framework for designing security into a solution 

2 an information technology system including the elements of Claim 1 wherein the 

3 second system which identifies security properties of the solution information 

4 technology system includes a component which uses standard security 

5 subsystems for identifying security properties. 

1 3, (Currently Amended) A system framework for designing security into a solution 

2 an information technology system including the elements of Claim 2 wherein the 

3 standard criteria for identifying security properties includes a system which 

4 maps functions of standard security subsystems to an ISO standard 15408, also 

5 known as Common Criteria. 

1 4. (Currently Amended) A system framework for designing security into a solution 

2 an information technology system including the elements of Claim 1 wherein the 

3 system framework further includes a system which documents the solution and 

4 the security assumptions using a solution design security methodology. 

1 5. (Currently Amended) A system framework for designing security into a solution 

2 information technology system including the elements of Claim 4 wherein the 

3 system framework further provides integrity assurance requirements using a 

4 standard set of criteria. 
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1 6. (Currently Amended) A system framework for designing security into a solution 

2 an information technology system including the elements of Claim 5 wherein the 

3 standard set of criteria are in accordance with ISO 15408. 

1 7. (Currently Amended) A method of designing security for a solution in a for an 

2 information technology system which includes insecure components, the steps of 

3 the method comprising: 

4 identifying the security threats to the solution system ; 

5 determining the security properties within a reference model comprising m 

6 terms of a plurality of interconnected and interdependent security subsystems that, 

7 inter alia, manage audits, integrity, and information flow control as a baseline model of 

8 the overall solutions 

9 assigning selected security properties functional details of the plurality of 

10 security subsystems to an infrastructure, a plurality of components, and a plurality of 

11 operations of fer the overall solution to components of the solution system ; 

12 enumerating security requirements for the infrastructure, components and 

13 operations; 

14 developing integrity assurance requirements; and 

15 creating at least one functional technology diagram to document security 

16 requirements for the solution system . 

1 8. (Currently Amended) A method of designing a secure solution including the 

2 steps of Claim 7 wherein the method further includes the step of ranking the 

3 security threats to the overall solution system and considering the biggest 
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4 threats to the security properties of the overall solution system in terms of the 

5 security subsystems. 

1 9. (Currently Amended) A method of designing a secure solution system including 

2 the steps of Claim 8 wherein the step of ranking the security threats to the 

3 security properties of the overall solution system includes the step of doing less 

4 for security threats not considered substantial threats to the security properties 

5 of the overall solution system in terms of the security subsystems. 

1 10. (Currently Amended) A method of designing a secure solution system including 

2 the steps of Claim 7 wherein the method further includes the step of 

3 documenting the solution system environment and security assumptions and 

4 using the environment and security assumptions in developing the security 

5 properties of the overall solution system . 

1 11. (Currently Amended) A method of designing a secure solution system including 

2 the steps of Claim 7 wherein the method further includes the step of developing 

3 integrity assurance requirements for the solution system and using those 

4 integrity assurance requirements in the functional technology diagram(s) for the 

5 solution system . 

1 12. (Currently Amended) A method of securing a solution including the steps of 

2 Claim 7 wherein the step of determining the security properties of the overall 
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3 solution system includes the step of using standard criteria for evaluating the 

4 solution. 

1 13. (Currently Amended) A method of securing a solution including the steps of 

2 Claim 12 wherein the step of determining the security properties of the overall 

3 solution system includes the step of using the Common Criteria of ISO Standard 

4 15408. 

1 14. (Currently Amended) A method of securing a solution system including the steps 

2 of Claim 7 wherein the step of enumerating security requirements for 

3 infrastructure, components and operations includes the step of using an industry 

4 standard security criteria. 

1 15. (Currently Amended) A method of securing a solution system including the steps 

2 of Claim 14 wherein the step of using an industry standard security criteria 

3 includes the step of using Common Criteria which conforms to ISO Standard 

4 15408. 

1 16. (Currently Amended) A method of securing a solution system including the steps 

2 of Claim 7 wherein the step of enumerating security requirements for 

3 infrastructure, components and operations includes the step of identifying, 

4 enumerating and describing a number of standard security subsystems that in 

5 total represent the security function of the solution. 
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